1. Field of the Invention
The present invention concerns methods of exchanging data (for example cryptographic keys) between a data processing system, for example an application provider, and an electronic entity (generally a secure electronic entity), such as a microcircuit card.
2. Description of the Related Art
It is well known to use cryptographic keys to secure exchanges between two parties, for example by using one or more cryptographic keys to encrypt messages to be exchanged.
In this context, it is naturally necessary to effect beforehand preparatory steps that enable each of the parties (and only the parties) to encrypt and decrypt messages that they exchange.
One solution for this is that a party (for example a service or application provider) seeking to communicate securely with another party (for example a user of the service or the application) physically sends that party an electronic entity (for example of microcircuit card type) storing the necessary cryptographic keys, which are then used to effect the secure communication.
Necessitating the physical sending of the electronic entity, this solution is naturally somewhat impractical. It would in fact be desirable to be able to exchange the cryptographic keys at a distance (for example to set up secure communication with a new application provider on an electronic entity already held by the user).
In this search for security, in order to make the communication between the two parties as secure as possible without involving a third party organization it is nevertheless desirable to effect this exchange of cryptographic keys without recourse to any security system provided by the network used for the remote communication.